CVE-2025-66423

CVSS v3.1

7.1

Vector

AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N

Tryton trytond 6.0 before 7.6.11 does not enforce access rights for the route of the HTML editor. This is fixed in 7.6.11, 7.4.21, 7.0.40, and 6.0.70.

Fix

Incorrect Authorization

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-863

Related Identifiers

CVE-2025-66423

Affected Products

Tryton

CVE-2025-66423

Weakness Enumeration

Related Identifiers

Affected Products

References · 3